Embodiments of the invention are directed to systems and methods related to authentication a user performing a transaction.
The Internet has made it increasingly easy for users to conduct electronic transactions using computing devices such as mobile devices (e.g., mobile phones, tablet computers). However, it has also increased the risks of fraudulent transactions, as well as the risk of data being compromised. Transactions conducted over the Internet, using a website hosted by a resource provider or a mobile application, can make it difficult for a resource provider or transaction processing entity to know whether the user conducting the transaction is actually the user he purports to be. Thus, systems have been established to perform authentication processing.
In current solutions, when a user conducts a transaction with a resource provider that uses a secure authentication system, the user includes a previously generated cryptogram with the transaction. The cryptogram is typically generated and provisioned to the user by a token generation service. This is meant to ensure that the person engaging in the transaction is authenticated.
This process has several drawbacks. One drawback is that the cryptogram generation procedure creates friction in the transaction process due to the cryptogram being generated by a separate system from the transaction requestor. This also causes the requestor to be dependent on another system in order to conduct a transaction. Another drawback is that, in current solutions, the cryptogram is generated based a predefined rules over which the requestor has no influence. Additionally, cryptograms are utilized in traditional systems merely as an authentication tool.
Thus, there is a need for new and enhanced methods of performing an authentication process for a transaction that utilizes a secure authentication infrastructure and that are more efficient and/or provide greater flexibility in the authentication process.
Embodiments of the invention address these and other problems, individually and collectively.